package com.gupao.config;

import javax.sql.DataSource;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
import org.springframework.security.provisioning.JdbcUserDetailsManager;

@Configuration
public class Auth2ServerConfig {
	
	public final static String OPENAPI_RESOURCE_ID="openapi"; 
	
	
	@Configuration
	@EnableWebSecurity
	public static class WebSecurityConfigaration extends WebSecurityConfigurerAdapter{
		
		@Autowired
		private DataSource dataSource;
		
		@Autowired
		UserDetailsService userDetailsService;
		
		@Autowired
		private OpenapiPasswordEncoder passwordEncoder;
		
		@Bean
	    public static NoOpPasswordEncoder passwordEncoder() {
	        return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
	    }
		
		@Bean
		@Override
		protected AuthenticationManager authenticationManager() throws Exception {
			AuthenticationManager manager=super.authenticationManager();
			return manager;
		}
		
		
		
		@Override
		protected void configure(AuthenticationManagerBuilder auth) throws Exception {
			System.out.println("加密："+passwordEncoder.encode("111111"));
			auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
		}

		@Bean
		@Override
		protected UserDetailsService userDetailsService() {
			JdbcUserDetailsManager userDetailsManager=new JdbcUserDetailsManager(dataSource);
			userDetailsManager.deleteUser("admin");
			return userDetailsManager;
		}

		@Override
		protected void configure(HttpSecurity http) throws Exception {
			http.requestMatchers().anyRequest().and().authorizeRequests().antMatchers("/oauth/*").permitAll();
		}
		
		
		
		
		
	}
	
	@Configuration
	@EnableResourceServer
	public static class ResourceServerConfigaration extends ResourceServerConfigurerAdapter{

		@Override
		public void configure(HttpSecurity http) throws Exception {
			http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
			.and()
			.requestMatchers().anyRequest()
			.and()
			.anonymous()
			.and()
			.authorizeRequests()
			.antMatchers("/openapi/**").authenticated();
		}

		@Override
		public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
			resources.resourceId(OPENAPI_RESOURCE_ID).stateless(true);
		}
		
	}
	
	@Configuration
	@EnableAuthorizationServer
	public static class AuthorizationServerConfigaration extends AuthorizationServerConfigurerAdapter{
		
		@Autowired
		private OpenapiClientDetailsService openapiClientDetailsService;
		
		@Autowired
		private BossJdbcClientDetailsService bossJdbcClientDetailsService;
		
		@Autowired
		private OpenapiPasswordEncoder passwordEncoder;
		
		@Autowired
		private NoOpPasswordEncoder noPasswordEncoder;
		
		@Autowired
		AuthenticationManager authenticationManager;
		
		@Autowired
		UserDetailsService userDetailsService;
		
		@Autowired
		RedisConnectionFactory redisConnectionFactory;
		
		@Autowired
		private DataSource dataSource;
		
		
		@Override
		public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
			endpoints.authenticationManager(authenticationManager)
			.userDetailsService(userDetailsService)
			.tokenStore(new JdbcTokenStore(dataSource))
			.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST);
		}
		
		

		@Override
		public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
			security.allowFormAuthenticationForClients().passwordEncoder(passwordEncoder);
		}

		@Override
		public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
			clients.withClientDetails(bossJdbcClientDetailsService);
		}
		
	}
}
